Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 26 Aug 2004 10:47:09 +0100
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        Tim Aslat <tim@spyderweb.com.au>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Change root user name? possible?
Message-ID:  <20040826094709.GD87719@happy-idiot-talk.infracaninophile.co.uk>
In-Reply-To: <20040826084906.5ef2b1ad@bofh.spyderweb.com.au>
References:  <20040825225051.7730643D58@mx1.FreeBSD.org> <62E23207-F6EB-11D8-8247-003065ABFD92@mac.com> <20040826084906.5ef2b1ad@bofh.spyderweb.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help 

--yudcn1FV7Hsu/q59
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Aug 26, 2004 at 08:49:06AM +0930, Tim Aslat wrote:
> In the immortal words of Charles Swiger <cswiger@mac.com>...
> > Whether this gains you much security is another question entirely, and
> > you risk breaking single-user mode and various low-level pieces of=20
> > software which expect root to exist, but it can be done.
>=20
> I know it can be done, a couple of typos in vipw and I lost the root
> account, very disconcerting, but single use mode still seemed to work,
> probably because the toor account was still intact even though it has a
> password of *.

Actually, single user mode doesn't consult the password file at all --
or anything much in /etc except for /etc/fstab, and even that you can
avoid.  It gives you a superuser login session simply by setting the
UID to 0, which is all that really counts to the lower leves of the
system.

If you think about it, that's a really useful design feature.  It
means you can recover the system even if your /etc directory gets
completely scrambled.  A good measure of the strength of your unix-fu
is how badly trashed a system you can recover without having to
re-install.  You'ld be amazed at what some people have managed to
resurrect.

	Cheers,

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK

--yudcn1FV7Hsu/q59
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (FreeBSD)

iD8DBQFBLbGdiD657aJF7eIRAhPqAJ9/k9XVoIhDr4rG6T1DJAOgY2MDwgCghpLG
Q5GR+z9TKQMQbLZaNQVxsEU=
=sTgY
-----END PGP SIGNATURE-----

--yudcn1FV7Hsu/q59--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040826094709.GD87719>